CVE 8.7 HIGH

Edimax EW-7438RPn webs formWirelessTbl buffer overflow_CVE-2026-9346

May 23, 2026 invoker category_cve
8.7 / 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in Edimax EW-7438RPn up to 1.31. This impacts the function formWirelessTbl of the file /goform/formWirelessTbl of the component webs. Executing a manipulation of the argument submit-url can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Buffer overflow vulnerability in Edimax EW-7438RPn up to 1.31 via manipulation of the submit-url argument in the formWirelessTbl function

Basic Information

ID CVE-2026-9346
Source VulDB
Published May 24, 2026 at 00:30

Affected Product

Vendor Edimax
Product EW-7438RPn
Version 1.0
Affected Versions Edimax EW-7438RPn 1.0
Edimax EW-7438RPn 1.1
Edimax EW-7438RPn 1.2
Edimax EW-7438RPn 1.3
Edimax EW-7438RPn 1.4
Edimax EW-7438RPn 1.5
Edimax EW-7438RPn 1.6
Edimax EW-7438RPn 1.7
Edimax EW-7438RPn 1.8
Edimax EW-7438RPn 1.9
Edimax EW-7438RPn 1.10
Edimax EW-7438RPn 1.11
Edimax EW-7438RPn 1.12
Edimax EW-7438RPn 1.13
Edimax EW-7438RPn 1.14
Edimax EW-7438RPn 1.15
Edimax EW-7438RPn 1.16
Edimax EW-7438RPn 1.17
Edimax EW-7438RPn 1.18
Edimax EW-7438RPn 1.19
Edimax EW-7438RPn 1.20
Edimax EW-7438RPn 1.21
Edimax EW-7438RPn 1.22
Edimax EW-7438RPn 1.23
Edimax EW-7438RPn 1.24
Edimax EW-7438RPn 1.25
Edimax EW-7438RPn 1.26
Edimax EW-7438RPn 1.27
Edimax EW-7438RPn 1.28
Edimax EW-7438RPn 1.29
Edimax EW-7438RPn 1.30
Edimax EW-7438RPn 1.31

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10
AI Severity High
Vendor Edimax
Product EW-7438RPn
Version 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 1.14, 1.15, 1.16, 1.17, 1.18, 1.19, 1.20, 1.21, 1.22, 1.23, 1.24, 1.25, 1.26, 1.27, 1.28, 1.29, 1.30, 1.31

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.